<?php
namespace Common\Controller;
use Think\Controller;

/**
 * 后台账号继承基类
 * @author zhangYe
 * @date   06/22/2016
 * @version  0.001
 */

class BaseController extends _AllController
{
	protected $m_user = null;
	protected $m_is_admin = false;/*是否拥有管理员权限*/
	protected $m_psize = 20; /*默认分页大小*/

	public function _initialize()
	{
		parent::_initialize();
		header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
		header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
		header("Cache-Control: no-cache, must-revalidate");
		header("Pramga: no-cache");
		session_write_close();
		session_start();
		$this->uload();
		//获取前端参数接口不需要登录
		$controller = CONTROLLER_NAME;
		$action = ACTION_NAME;
		if (strtolower( $action )== 'param' || strtolower( $controller) =='index'){
			return;
		}
		if( !$this->m_user || !isset($this->m_user['user_id']) ){
			header("HTTP/1.0 401 Unauthorized");
			exit( "登陆凭据已经失效，需要重新登陆" );
		}
	  	else{
	  		$ServiceUser = D("Admin/User","Service","Admin");
			// 授权验证
	  		if( $this->m_user['user_id'] ==1) {
	  			$this->m_is_admin = TRUE;
	  		}
	  		else{
				$authRes = $ServiceUser->auth( $this->m_user['user_id'], $this->m_user['role_id'] );
				if( $authRes && $authRes['rcode'] ){
					if( isset( $authRes['is_admin'] ) && $authRes['is_admin'] ){
						$this->m_is_admin = TRUE;
					}
				}
				else{
					$this->needAuth($authRes);
				}
			}

	  		$_param['request_method'] = isset( $_SERVER['REQUEST_METHOD'] ) ? $_SERVER['REQUEST_METHOD'] : " ";	//请求方法
	  		$_param['request_url'] = urldecode(__SELF__);
	  		$_param['request_data'] = isset( $_SERVER["QUERY_STRING"] ) ? $_SERVER["QUERY_STRING"] : " ";		//请求数据
	  		$_param['request_data'] = urldecode($_param['request_data']);

	  		$_param['uid'] = $this->m_user['user_id'];

	  		// 记录操作日志
	  		if($_param['request_url'])
	  			$this->$vvv = $ServiceUser->log($_param);
	  	}
   	}

   	private function needAuth( $msg ){
   		header("HTTP/1.0 403 Unauthorized");
   		$res = array('rcode'=>-1,'msg'=>$msg);
   		e_json( $res );
   	}

   	protected function uload( $forece = FALSE){
		$uinfo = '';
		$uinfo = isset($_SESSION[C('ADMIN_HASH_NAME')]) ? $_SESSION[C('ADMIN_HASH_NAME')] : '';
		if( count($uinfo) )
		{
		   	$uinfos = authcode( $uinfo , "DECODE");
		   	$arruinfo = unserialize( $uinfos );
		    $this->m_user = $arruinfo;
		    //$this->aupdate($this->m_user['uid']);
			$bangUser = F("_banu");
			if( $bangUser && isset( $bangUser[$this->m_user['user_id']]) )
			{
				//清空session
				$_SESSION[C('ADMIN_HASH_NAME')] = NULL;
				$bangInfo = $bangUser[$this->m_user['user_id']]['info'] ? $bangUser[$this->m_user['user_id']]['info'] : "配置数据已经修改，请重新登陆!";
				unset(  $bangUser[$this->m_user['user_id']] );
				F("_banu", $bangUser );
				header("HTTP/1.0 401 Unauthorized");
				exit( "部门岗位数据已经修改，请重新登陆!" );
			}
		}
		else
			$this->m_user = false;
	}
}